Archives

Well, with some new responsibilities I have, I’m going to have to pause this blog for a bit. I hope to start it up again in the next month or so, but you can check back occasionally, or follow @AppendOverwrite on Twitter.

Between pulling an all-nighter at work last week, and the catch-up that followed, and a busy and stressful week this week, I’ve missed two deadlines here. I’m still hoping to keep posting, but you might not get anything until next week.

November 21, 2016. I once heard Leo Laporte say in the course of one of his podcastsnetcasts that if you use a service and can’t tell someone what that service’s product is (in regard to making money), you, the user, are the product. As I think that through, there is a lot of truth in that. Philosophically, Facebook’s product may be a platform to connect people and enable the spread of information, but in a practical/business sense, their product is you. Their money is made by getting advertisers to buy ads. Advertisers buy ads as a way of buying your attention and time. In a very way, you are the product while advertisers are the customers.

This by itself is not negative. Advertising can truly be beneficial to a person, connecting that person with a legitimate need or want to a quality source for filling the need/want. Advertising is likely more often benign, with a person making an acceptable and small trade of attention for no reward (from the ad or advertiser), but can also be varying levels of negative, by greatly distracting or even offending the person seeing the ad.

Most concerns regarding advertising though are not focused on what you give up in attention, time, or efficiency. A greater concern for many comes from the privacy trades you may have to make.

Tracking of activity and habits is not necessarily bad or is at least not bad in itself. If we are going to have services or content provided which is made possible by advertising revenue, there is a certain logic in trying to make sure those ads are as useful as possible, so being served ads that are targeted to the user become more appealing.

Additionally, “Artificial Intelligence” with bots, virtual assistants, and machine learning is the focus of many large tech companies. These new technologies are dependent on large quantities of user data being available to learn from.

What’s the takeaway from all of this?

Someone has to pay for the sites and services you use online. When given the option, consider paying instead of always looking for the free option.

Most of all, educate yourself about the products you use and weigh what you get vs. what you give up.

Well, here’s the first of the “I’ve got nothing to write” posts. The past week was fairly slow in tech news and highly political which isn’t an arena I’m interested in entering. So, for now, I’ve got nothing.

I have a co-worker who has made the point that you never say “The building (or network) is secure.” You say “The building appears secure.” His years of experience in security and I.T. have taught him well.

I’ve spent the past week pondering to what extent true digital security exists. We experience varying levels of the feeling of security which in turn may broadly parallel reality in our personal level of digital security, but in all likelihood, our feeling of security is tied more to our ignorance of our vulnerability than it is to any real evaluation of our digital lives.

Among the interesting things I read this week was an article that pointed to a group of Wall Street heavyweights that avoid email for substantive communication, with some avoiding the medium altogether. Prosecutors have for years been using email communications to build legal cases in the financial world, and even if a court decides in favor of the organization, the contents of embarrassing emails have made their way to the public, unlikely to be forgotten.

A more frightening article I read this week described how a trio of hospitals in the UK were crippled by a computer virus outbreak. In response to the infection, the first hospital shut down the majority of its computer networks as they worked to fight the virus. Due to a shared IT system, a second hospital was taken offline by the same action. This caused the cancellation of most non-emergency procedures and forced many people to divert to nearby hospitals for their emergency medical needs. This account brought to mind the case earlier this year where a hospital in California had to pay a large Bitcoin ransom to decrypt their data following a cyber-attack.

Vulnerabilities in the sites, devices, and services we use are constantly being searched out by people like the hackers who breached Yahoo’s email system in 2014. News of the breach surfaced only within the last two months, years after the hackers gained access, retrieving information on roughly half of a billion users.

Another problem core to the insecurity of our digital lives is that in addition to flaws and vulnerabilities being found in the construction of the devices and services we use, often we the user can be “engineered” to work against our own security. So-called “social engineering” attacks target human nature rather than machine or software vulnerabilities.

The chairman of one of the major political campaigns this year was targeted with a message designed to get him to expose his email credentials. Being cautious, he ran the message past an IT technician who recommended the chairman change his password, but unfortunately, the advice was unclear and the resulting action revealed information not just about the campaign manager, his candidate, and campaign, but various people and organizations he had been in contact with via that email account.

All this with the recent rise of the Mirai Botnet (and subsequent fall of internet connectivity on the East Coast) has highlighted the issue: We must start considering the realities of our digital security. While there’s little logic in marching toward an offline lifestyle or even to start doing or purchasing drastic new security measures, there needs to be a renewed focus on some basics. For one, consider what you say and do, and where and how you say/do it. Assume that the services and devices you use are vulnerable. What should you change about your usage habits?

Postscript: There was a bright spot that came through my feed this week specific to digital security. Popular password manager LastPass this week announced they were making free a previously premium feature; You can now sync your LastPass database across an unlimited number of devices for free. Many people have the extremely insecure practice of using the same password across multiple (or all) sites and services. This means that as soon as one service you use is breached attackers can use your information to try logging into any other site or service. While maintaining unique passwords may seem too difficult a task, using a password manager can make it less onerous. Check out LastPass, 1Password, and KeePass and take a step toward a more secure digital life.

A note to lead this off: Unless otherwise noted, I refer to laptops/notebooks and desktops as PCs regardless of whether they run MacOS or Windows. So when you see “PC” here it will be making a distinction between gadgets like phones and tablets, and non-mobile and less mobile devices.

October 29, 2016. This week the technology landscape was dominated by discussions around events held by Microsoft and Apple. Microsoft’s event on Wednesday, Oct. 26 was officially a software event where the company revealed changes and improvements coming to the flagship product, the Windows 10 Operating System.

Available ‘Early 2017’, the next major update to the OS has been dubbed the ‘Creator’s Update’ by the company and focuses a lot of energy on making Windows appeal to the creative market such as graphic designers, photographers, and illustrators. Historically the creative market has been a strong segment for Apple while Microsoft’s strengths and customer base have been more in the enterprise and productivity realms along with gaming.

Microsoft has not abandoned their base with the update, though, as they are working improving productivity, especially by way of making collaboration smoother, and pouring time and talent into the burgeoning field of virtual reality, which appears to many to be the next big revolution in computer gaming (though VR also has promise for broader applications than just playing).

Despite it officially being a software/Windows event, the hardware announcements of the day generated the most buzz. The company revised and upgraded their existing hardware products (the Surface Pro tablet and Surface Book notebook that can be turned into a tablet), but the big news on the physical front was the new Surface Studio. This new device is an all-in-one desktop computer with a top tier 28″ screen which offers high pixel density, capacitive multi-touch, and precision stylus input.The clever design is both well-reviewed aesthetically and impressive in its functionality. The base contains all the main computing components while the screen is suspended on a trick hinge that holds the screen stable in whatever position you place it, but allows the screen to move with a single finger motivating it into whatever new position you wish, including a nearly horizontal, drawing table like surface. There is also a wireless ‘Surface Dial’ which is a new accessory that can be used to offer quick access to certain tools and adjustments, by spinning the Dial on the screen or desk.

Apple’s event was held on Thursday, Oct. 27, and focused on the MacBook lineup. Apple’s popular MacBook Pro lineup was showing its age and the aforementioned creative professional demographic was ready for a mobile computer offering more power than Apple’s lighter duty MacBook and MacBook Air options with newer and better internal components than the MacBook Pro offerings that were now a few years old in design.

Apple released a completely re-worked MacBook Pro in 13″ and 15″ screen sizes.The new notebooks have simplified the port offerings, sporting four Thunderbolt 3 (via USB 3.1C) ports that serve as charging ports (in place of Apple’s popular MagSafe connector which is not present on the new offerings), video (in place of the HDMI or DisplyPort options most people are familiar with), and the only option for adding digital peripherals. This will prove an interesting transitional time as users of the new MacBook Pro will have to deal with adapters and dongles for a while until cables for connecting USB-C to many common items are readily available. The new notebooks do sport a 3.5mm analog headphone/headset jack but have done away with the onboard SD card reader that is near ubiquitous on laptops.

The prominent new feature of the 2016 MacBook Pro is the replacement of the function key row (above the number row) with a touch screen that offers the expected volume and brightness controls while also adapting to the application in use on the main screen of the laptop. This adaptive area of the touch strip allows app developers to offer custom tools and buttons to the user. On the right edge of the strip, a TouchID fingerprint sensor has also been added for logging into the system, and integration into Apple Pay for online purchases.

The popular MacBook Air lineup has been left untouched. This has been mostly seen as the first step in abandoning the now aging lineup, with their non-Retina displays, and older overall architecture and these suspicions are fed by the release of a ‘budget’ model of the 13″ Pro that starts at the lowest Pro price point by sacrificing the new touch strip in favor of a more traditional function key row.

While the PC market as a whole has been in decline for years, and some people are finding their computing needs met by some combination of smartphone and tablet, it is obvious that even in decline the PC market is still plenty large and receiving attention from the large players in the tech world.

Postscript: While these major players are putting time and resources into their part of the PC industry, by no means does this mean their fan bases are entirely thrilled with the direction or results. The new MacBook Pro is especially under fire for its specs compared to price, with some professionals making the case it no longer deserves its “Pro” designation.

To anyone who stumbles across this site, an obvious question would be “Why does this exist?”

The purpose of this site is primarily to give me an outlet and an impetus to regularly write. I chose to write about technology since it interests me and is a broad field with many products, plots, and players. It is also something I follow generally due to working in Information Technology for years.

This site will never compete with the top players in technology reporting. I am not a journalist and have neither the skill nor the stamina to offer full featured coverage of this expansive industry.

There are plenty of great sources to keep up with technology news and progress, and realistically I don’t expect to gain a readership other than the occasional friend, relative, or co-worker. One benefit of this lack of an audience is I can do some experimentation.

What can you, the mythical, as of yet non-existent reader of this blog expect? I will likely start writing up small reviews of the apps and services I use. I can then give them to people who ask what I use and why for various tasks. I will also post small pieces about tech happenings that interest me, and I hope to start creating headline/aggregation posts sending you to the publications and pieces that interest me.

On Friday, October 10th, 2016, cyber attacks on an extremely large scale targeted a deep level Internet infrastructure providing company called Dyn. The attacks resulted in many internet traffic problems, especially on the East Coast, and resulted in a large number of prominent sites and services being down entirely. Visa, PayPal, Reddit, and Amazon were among the many large internet presences that faced outages.
The attacks were implemented by taking advantage of security vulnerabilities in so-called “Internet of Things (IoT)” devices. These include modern household appliances that have internet connectivity. After taking control of these types of devices on a large scale, the as of yet unknown masterminds of the attack were able to attack Dyn with a Distributed Denial of Service (DDoS) attack. This flood of traffic is designed to overwhelm the target with an impossible amount of traffic and information requests. With Dyn crippled, it was unable to serve the routing and translation needs it generally provides to internet providers and data centers (AKA Server Farms).
Even offline communities and individuals were affected when retail establishments were unable to process credit cards, and perform other tasks that rely on internet provided communication.